Voozh

Reproducible identifiers & fine-grained build dependency tracking for software artifacts.

OmniBOR defines two key concepts, Artifact IDs and Input Manifests, that enable anyone to independently produce the same identifier for any software artifact, and to detect any artifact built with vulnerable inputs.

Artifact IDs

Reproducible identifiers based only on an artifact itself.

Learn more ↗

Input Manifests

Records of Artifact IDs for artifact build inputs.

Learn more ↗

OMNIBOR

Reproducible identifiers and fine-grained build dependency tracking for software artifacts.

Spec
Stable v0.1
Latest ↗

Tools
OmniBOR CLI ↗
bomsh ↗
jbor ↗
Third-Party Tools

Libraries
Rust ↗
Go ↗
.NET ↗
Python ↗

Docs
Artifact IDs
Input Manifests
Glossary
Resources

Info
Contribute
Project

Social
YouTube ↗
Twitter / X ↗

URL: https://omnibor.io/

⇱ OmniBOR — OmniBOR

Reproducible identifiers & fine-grained build dependency tracking for software artifacts.

Artifact IDs

Input Manifests